Just trying to replace my security server with UAG 3.9. After deployment i try to login to url Https://IPADDRESS:9443/admin and get "Cannot Connect to this Page". IP is alive and well so not sure what the hold-up is. Any help or suggestions are welcome.
I was aware that there's a fling/utility, but I've never used it. Maybe I should change my mind, it's really nice.
Anyway, here's what I think that should work as expected:
eth0 - IP: 10.0.90.99, Netmask: 255.255.255.0 (Internet)
eth1 - IP: 10.0.10.99, Netmask: 255.255.255.0 (Management, and Backend)
eth1 - configure static routes to your internal subnets, on which you run your admin station, the connection server, and the VDI clients
Default Gateway: 10.0.90.1
André
Only a thought. When I did this last week, I used the Powershell method to deploy the UAG, and forgot to add the defaultGateway in the .ini file.
If you have a system in your DMZ (i.e. in the same subnet as the UAG management), try whether you can access the Login page from this system.
André
I'm sure i put teh gateway in. Used 10.0.90.1 for the public side and 90.1 for the gateway. Do I need any static routes?
Logon with the console and use the vami_config_net command to check the settings,usually for me its a typo somewhere
If you are not able to access the Admin UI login screen, check to see if the virtual machine has the IP address displayed during the installation of the OVA. If the IP address is not configured, use the VAMI command mentioned in the UI to reconfigure the NICs. Run the command as "cd /opt/vmware/share/vami" then the command "./vami_config_net".
Assuming that the UAG has been deployed in a DMZ, can you confirm that port 9443 (TCP) is open for traffic from the system on which you try to access the UAG to the DMZ?
André
Out of curiosity. Do you have a special reason why you deploy version 3.9 instead of the latest one (2009/2009.1)?
André
This is located in the DMZ and it appears that 9443 is not accepting connections.
I am running 3.9 since that is what i had downloaded. Still going to be running Horizon version 7.13 for a bit.
According to your previous question, you're still running a Security Server. Is this server in the same DMZ/subnet as the UAG's management? If so, please see whether you can access the UAG's login page from the Security Server.
André
Not able to access from there either
That's indeed unusual.
So the IP address shows up on the VM Summary page, and you can confirm that the IP address is unique, the subnet mask is correct, and the gateway has been configured too.
How did you do the deployment? By deploying the OVA manually, or using the Powershell method? In case of using Powershell, is there a chance that you compress/zip the .ini file, and attach it to a reply post?
André
That is correct. I used the Deployment Utility. The IP is unique and once deployed i can ping it. If i shut it down i cannot. The IP shows up correctly in vCenter and the gateway is set to the DMZ Nic which is 90.1.
The only thing that i see odd in the config is the DNS server address. I can input my DNS but it's a diff subnet than the DMS or the private address. So it shows as a 127.0.0.53. I tried to change it but still says 127... At this point i don't think that should matter since im using the IP address
What makes me think is "Used 10.0.90.1 for the public side and 90.1 for the gateway." The same address for UAG, and gateway??
Can you please provide the IP settings that you have configured, i.e. IP address, subnet mask and default gateway address?
André
Whats your internal address, thats the one where the 9443 address should be.
The 10.0.10.99 is the internal and that one doesn't work either. I tried that one. Even changed the gateway to match that. This is the video i watched prior to depoloying and looks like it's a 2 nic setup and the Gateway and IP used was the external.
https://www.youtube.com/watch?v=fbOtcCqbRYw
I'm pretty sure itshould be the internal one, look at the images I took from the video. Eth1 is the one he is accessing the admin interface with. Its been a bit since I installed my last one I'll find my notes to be sure, but the kb I shared before says management should be on the internal one and the video is looking to be like it should be the internal one.
Review some of these resources too, one of the videos has a graphic that shows the same
https://techzone.vmware.com/mastering-unified-access-gateway#deploy
The way i follow it is that the the External IP (10.10.174.x) NIC is using the Gateway that he adds (10.10.174.254). The internal is on 172.16.x.x